package controllers.sys;

import models.sys.AdminMenu;
import models.sys.AdminRole;
import models.sys.AdminUser;
import models.sys.AdminUserLog;
import org.apache.log4j.Logger;
import packaged.SessionManager;
import plugin.shiro.AdminPasswordHelper;
import utils.TextUtils;

/**
 * Created by zqx on 16/5/22.
 */
class Security extends Secure.Security {
    private static Logger logger = Logger.getLogger(Security.class);

    static boolean authenticate(String username, String password, Boolean remember) {
        if (TextUtils.isEmpty(username) || TextUtils.isEmpty(password)) {
            return false;
        }

        boolean isLogin;

        validation.required(username);
        validation.required(password);

        AdminUser user = AdminUser.find("byUsername", username).first();
        //创建一个新的登陆日志
        AdminUserLog loginLog = AdminUserLog.getLoginLog();
        //给日志添加用户的登录名
        loginLog.logname = username;
        //添加用户登录所用IP
        loginLog.logip = request.remoteAddress;
        //对用户是否存在/锁定状态/密码是否正确进行验证
        if (user != null && user.enabled == 1 && user.role.enabled == 1 && AdminPasswordHelper.decipherPassword(password, user.salt).equals(user.password)) {
            //如果允许登陆,则记录其真实ID
            loginLog.userid = user.id;
            isLogin = true;
        } else {
            isLogin = false;
        }
        //记录登录状态
        loginLog.issuccess = isLogin;
        logger.warn(loginLog.toLoggerString());
        loginLog.save();    //保存登陆日志
        return isLogin;
    }

    static boolean check() {
        //创建一条操作日志
        AdminUserLog actionlog = AdminUserLog.getActionLog();
        //记录操作者IP
        actionlog.logip = request.remoteAddress;
        //记录目标地址
        actionlog.target = request.path;

        boolean allow = false;
        String rid = SessionManager.getAttribute("rid");
        AdminUser user;

        try {
            String uid = SessionManager.getAttribute("uid");
            user = AdminUser.findById(Long.parseLong(uid));
        } catch (NumberFormatException e) {
            user = null;
        }


        if (user != null && !TextUtils.isEmpty(rid)) {
            //记录操作者ID
            actionlog.userid = user.id;
            //记录操作者用户名
            actionlog.logname = user.username;

            AdminRole role = AdminRole.findById(Long.parseLong(rid));

            for (AdminMenu menu : role.menus) {
                String menuurl = menu.menuurl;
                if (!TextUtils.isEmpty(menuurl) && menuurl.lastIndexOf("/") != -1) {
                    menuurl = menu.menuurl.substring(0, menu.menuurl.lastIndexOf("/"));
                }
                if (!TextUtils.isEmpty(menuurl) && request.path.startsWith("/" + menuurl)) {
                    //记录目标名称
                    actionlog.menuname = menu.menuname;
                    allow = true;
                    break;
                }
            }
        }
        //记录操作是否成功
        actionlog.issuccess = allow;
        logger.warn(actionlog.toLoggerString());
        //保存记录
        actionlog.save();
        return allow;
    }

}
